Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Windows Vulnerability Summary Report

by Henry Kuhfeldt
April 5, 2016

Having the ability to deliver an accurate description of the status of a network is a critical function to reduce risk and effectively direct remediation efforts.  By using this report, the customer will have actionable information to present to management, as well as to administrators responsible for the tasks of daily remediation and maintenance. The report covers Windows vulnerabilities and missing Microsoft Bulletins, which can provide numerous vectors for an intrusion or malware incident.

Moving from an overview trend of Windows vulnerabilities to the Top 10 Class C Networks allows the customer to pivot resources to network segments that require attention or may have slipped through previous assessments.  These networks are weak links in the system and remediating these vulnerabilities will have a dramatic effect on security posture.  Taking a deeper look at individual vulnerabilities brings attention to particular issues that may be wide spread and critically important, regardless of the network they reside on.

Microsoft Bulletins remain an important part of security operations in large Windows deployments.  Missing any of the bulletin patches can leave systems open to inadvertent or intentional exploitation.  Analysts will discover how many hosts are missing bulletins and whether those bulletins have an exploit publicly available, as well as how long SecurityCenter CV has been aware of the issue.  This report allows visibility into patching effectiveness as well as delivering information about potential workflow improvements, which can decrease overall response time and potential attack vectors.

The report is available in the SecurityCenter CV Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The report can be easily located in the SecurityCenter CV Feed by selecting category Executive. The report requirements are:

  • SecurityCenter 5.2
  • Nessus 6.5.4

SecurityCenter Continuous View (CV) is a scalable continuous network monitoring solution that identifies the biggest risk management system that identifies the biggest risk across the entire enterprise. Tenable’s products allows for the most comprehensive and integrated view of network health. Nessus and SecurityCenter are continuously updated with information about advanced threats and zero-day vulnerabilities, as well as new types of regulatory compliance configuration audits, allowing organizations to respond to new threats as they emerge.

Chapters

Executive Summary

The executive summary provides a collection of information to provide insight into vulnerabilities within the Windows operating system environment.  The summary allows the organization to quickly index and prioritize vulnerabilities and network segments that need immediate attention and will improve overall security posture.  Additionally, the summary identifies the top missing Microsoft Bulletins and ranks them by overall score, providing guidance to begin remediation.

Windows Vulnerability Summary

This chapter is focused on the output from the Windows plugin family.  The following sections provide both an overview and a brief summary of the vulnerabilities in the Windows hosts that have been scanned.   The chapter provides information that is both informative and actionable without losing focus on vast quantities of data.

MS Bulletin: Missing Bulletin Summary

This chapter is focused on the Windows MS Bulletin plugin family and delivers a concise high level view of the missing Microsoft Bulletins, the severity of the missing bulletins, and data that will be useful in identifying hosts and bulletins that require attention.  This chapter provides data for further dissemination as well as an immediate set of potential improvements.